Address the most common attacks on crypto wallets

by · September 26, 2022

Address the most common attacks on crypto wallets

The value of cryptocurrencies has fallen sharply recently, but they are still an asset class that banks need to monitor closely from a security perspective.

Many consumers store their cryptocurrencies in a digital wallet on their smartphone which is a prime target for attacks. There are many ways to attack a crypto wallet, but in my experience as a mobile security professional, defending against these five most common attacks will go a long way in making them much more secure.

To steal passphrases or private keys: Whether the crypto wallet is custodian (a third party controls the private keys required to manage funds) or non-custodian (the user has sole control over private keys), the keys themselves must be encrypted at the application level. Unencrypted keys in the application’s sandbox, SD card, preference areas, or external areas such as the clipboard can be stolen by hackers. With these keys, they can transfer money wherever they want.

By encrypting the keys at the application level, they will remain protected within the app, so even if the device is compromised, the keys will remain safe.

Dynamic attacks on private keys: Crypto wallet keys can also be stolen dynamically as the wallet owner enters the characters of the keys into the crypto wallet’s mobile app. There are three primary ways hackers can do this:

  • Over-the-shoulder attack: Traditionally, this refers to a situation where the hacker physically sits next to the user and watches them enter the private key or passphrase into the crypto wallet. But there are other ways to see a user enter these secrets. Screenshots, screen recordings and mirroring can be misused for this purpose.
  • Malware Keylogging: Smartphone malware works in the background to record every keystroke the user makes, which it then sends to hackers. Keylogging attacks can also give hackers control over the device’s operating system if the device has been rooted (Android) or jailbroken (iOS).
  • Overlay attack: This form of malware overlays a screen that tricks the owner into entering the private key or passphrase on a malicious screen or a malicious field inside the wallet app. The malware then sends the information to hackers or uses the information directly to take over the wallet and send the cryptocurrency funds to cybercriminals’ accounts.
See also  How Blockchain Technology Can Help Support Data Protection

To protect against these attacks, the app must be able to detect threats such as overlays, recordings and keylogging – and take action by warning the user or terminating operations.

Malicious instrumentation: Crypto wallet apps rely on transactions between the mobile client and the blockchain, meaning the wallet’s security depends on the integrity of the platform running it. If the device is jailbroken or rooted, or if cybercriminals misuse common software development tools like Frida, hackers can gain access to the blockchain address of the client app or even impersonate the app.

It is crucial for mobile crypto wallet apps to detect when they are operating in a jailbroken or rooted environment and shut down if necessary. They must also be able to block Frida, Magisk and other dynamic tools that could be used to compromise the integrity of critical functions. Best practices also require developers to obfuscate the app’s code to complicate hackers’ efforts to reverse engineer the app in the first place.

Man-in-the-middle (MitM) attack: Some crypto wallets are part of centralized or decentralized exchanges. Communication between the app and the server or peer-to-peer transactions open the mobile wallet to MitM attacks. All data in transmission must be encrypted, and it is crucial to enforce secure socket layer (SSL) / transport layer security (TLS) for all communications.

Emulators: Banks must also be aware that cybercriminals are adept at creating modified versions of a crypto wallet app. When used in conjunction with emulators, simulators or even malware on the device, they can enable hackers to create fake accounts, commit fraud and transfer cryptocurrency.

See also  Coins.ph unveils Coins Access, a solution to integrate crypto trading into any digital platform

The key to protecting against this type of attack is to use runtime application self-protection (RASP) methods, specifically anti-tampering, anti-debugging and emulator detection.

Cryptocurrency and mobile wallet security may seem out of reach for many banks, but as government-issued currencies increasingly move in a digital direction, the security lessons banks can learn from crypto will serve them well as they prepare to work with central bank digital currencies (CBDCs). Those days are not far off, so even banks that do not offer cryptocurrency services should start preparing their security strategies.

Karen Hsu is marketing manager at Appdome.

Related posts:

  1. MetaBitcoin (MBTC) attracts investment from Dubai’s first royal crypto fund, the Alawad Fund
  2. Before Cooperstown, David Ortiz extends the spectacle deal and sticks to crypto
  3. How to assess platform security
  4. The crypto market shaves off $50 billion in one day as the reversal begins

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

Headline Posts